On Thu, 28 Mar 2002, Lucky Green wrote:
:Which brings me to an issue that I hope may be on-topic to this mailing
:list: I would like to be able to enforce that the keys my users can use
:to authenticate themselves to my sshd to be of a minimum size. Is there
:a config option to sshd that will reject user keys below a minimum size?
:I didn't see anything in the man pages or my first go through the code.
no config option, but this change will be in the next release: RCS file: /usr/OpenBSD/cvs/src/usr.bin/ssh/auth-rsa.c,v retrieving revision 1.53 retrieving revision 1.54 diff -u -r1.53 -r1.54 --- src/usr.bin/ssh/auth-rsa.c 2002/03/25 09:21:13 1.53 +++ src/usr.bin/ssh/auth-rsa.c 2002/03/26 23:13:03 1.54 @@ -14,7 +14,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rsa.c,v 1.53 2002/03/25 09:21:13 markus Exp $"); +RCSID("$OpenBSD: auth-rsa.c,v 1.54 2002/03/26 23:13:03 markus Exp $"); #include <openssl/rsa.h> #include <openssl/md5.h> @@ -77,6 +77,13 @@ u_char buf[32], mdbuf[16]; MD5_CTX md; int len; + + /* don't allow short keys */ + if (BN_num_bits(key->rsa->n) < 768) { + error("auth_rsa_verify_response: n too small: %d bits", + BN_num_bits(key->rsa->n)); + return (0); + } /* The response is MD5 of decrypted challenge plus session id. */ len = BN_num_bytes(challenge);
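Review bot: The 768-bit floor in the second hunk is a bare literal inside auth_rsa_verify_response; since the request that prompted the change was for a configurable minimum, consider lifting it into a named constant or an sshd_config option so the policy is visible and adjustable without rebuilding sshd. The check also sits at the point where the client's response is verified (the next line computes the MD5 of the decrypted challenge plus session id), so a challenge has already been issued for a key that is about to be refused; performing the size check where the key is matched against authorized_keys, before any challenge is built, would reject the key earlier and cheaper. The error() call does log the actual bit count, which is the right detail for an operator hunting down legacy keys.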
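The patch above enforces the floor inside sshd at authentication time, which is the only place that guarantees it, but an administrator who wants to find the short keys before the upgrade lands (and tell their owners) needs to look at the authorized_keys files directly. The following is an added example written for this thread, not code from OpenSSH or from either poster: it parses the ssh-rsa public-key blob (SSH string "ssh-rsa", mpint e, mpint n), reads the bit length of n, and lists every key below a chosen floor. The 768-bit floor mirrors the literal in the patch; the moduli in the sample authorized_keys are constructed numbers with the right bit length, not real keys, and the `from=` option with embedded spaces is not handled by the simple whitespace split.

```python
"""Audit an OpenSSH authorized_keys file for RSA keys below a minimum modulus size."""
import base64
import struct

# Policy floor; the same value the sshd patch hard-codes (assumption: adjust to local policy).
MIN_RSA_BITS = 768


def _ssh_string(blob, off):
    """Decode one SSH wire-format string (uint32 big-endian length, then bytes) at offset off."""
    (length,) = struct.unpack(">I", blob[off:off + 4])
    start = off + 4
    return blob[start:start + length], start + length


def _ssh_mpint(value):
    """Encode a non-negative integer as an SSH mpint: big-endian, leading 0x00 if the high bit is set."""
    if value == 0:
        return struct.pack(">I", 0)
    raw = value.to_bytes((value.bit_length() + 8) // 8, "big")
    return struct.pack(">I", len(raw)) + raw


def encode_ssh_rsa(e, n):
    """Build the base64 blob of an ssh-rsa public key from exponent e and modulus n."""
    blob = struct.pack(">I", 7) + b"ssh-rsa" + _ssh_mpint(e) + _ssh_mpint(n)
    return base64.b64encode(blob).decode("ascii")


def rsa_modulus_bits(blob_b64):
    """Return the bit length of the modulus n in an ssh-rsa key blob, or None for other key types."""
    blob = base64.b64decode(blob_b64)
    ktype, off = _ssh_string(blob, 0)
    if ktype != b"ssh-rsa":
        return None
    _e, off = _ssh_string(blob, off)  # public exponent; not needed for the size check
    n, _off = _ssh_string(blob, off)
    return int.from_bytes(n, "big").bit_length()


def find_short_rsa_keys(authorized_keys_text, min_bits=MIN_RSA_BITS):
    """Return [(line_number, bits, comment)] for every ssh-rsa key whose modulus is below min_bits."""
    short = []
    for lineno, line in enumerate(authorized_keys_text.splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        fields = stripped.split()
        # An options field (e.g. from="10.0.0.0/8") may precede the key type token.
        if "ssh-rsa" not in fields:
            continue  # not an RSA key (or no key type at all); nothing to measure
        idx = fields.index("ssh-rsa")
        if idx + 1 >= len(fields):
            continue  # malformed line: key type without a blob
        bits = rsa_modulus_bits(fields[idx + 1])
        comment = " ".join(fields[idx + 2:])
        if bits is not None and bits < min_bits:
            short.append((lineno, bits, comment))
    return short


# Constructed sample moduli: not real RSA keys, only the bit length matters for this check.
_WEAK_N = (1 << 511) | 1   # 512-bit modulus, below the 768-bit floor
_OK_N = (1 << 2047) | 1    # 2048-bit modulus
SAMPLE_AUTHORIZED_KEYS = "\n".join([
    "# constructed sample authorized_keys",
    "ssh-rsa " + encode_ssh_rsa(65537, _WEAK_N) + " legacy@host",
    'from="10.0.0.0/8" ssh-rsa ' + encode_ssh_rsa(65537, _OK_N) + " ops@host",
    "ssh-ed25519 AAAAconstructedplaceholder not-rsa@host",  # skipped: not ssh-rsa
])

if __name__ == "__main__":
    for lineno, bits, comment in find_short_rsa_keys(SAMPLE_AUTHORIZED_KEYS):
        print("line %d: %d-bit RSA key (%s) is below %d bits" % (lineno, bits, comment, MIN_RSA_BITS))
```

Running the module on a real file is a matter of passing `open(path).read()` to `find_short_rsa_keys`; on a system with a current ssh-keygen, `ssh-keygen -l -f authorized_keys` gives the same bit lengths and is the tool to prefer, the parser here exists to show what that number is measured from.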